sb-au logo
Story image

Shadow data could cost organisations millions

The threat of shadow data in the enterprise is on the rise as cloud app usage surges, opening organisations to $1.9 million in potential losses, according to a new report from Blue Coat Systems and Elastica Cloud Threat Labs team.

Significantly, the report found that organisations are not aware that 26% of documents stored in cloud apps are broadly shared, meaning that any employee can access them, that they are shared externally with contractors and partners, and in some cases publicly accessible and discoverable through Google search.

On top of this, findings showing that 1 out of 10 documents shared broadly contain data that is sensitive and/or subject to compliance regulations, such as source code (48%), Personally Identifiable Information (PII) (33%), Protected Health Information (PHI) (14%), and Payment Card Industry (PCI) data (5%).

Shadow data driving financial risks

The level of financial risk shadow data is creating among organisations is notable, the report shows.

For the second half of 2015, Elastica calculated that the potential financial impact on the average organisation from the leakage of its sensitive cloud data was $1.9 million.

Healthcare organisations face an even greater risk with a potential impact reaching as high as $12 million. The education sector also ranked high for financial risk at $5.9 million, the report finds.

Cloud app usage up in organisations; Office 365 the most popular choice

Elastica analysed the most popular cloud business applications and found that Microsoft Office 365 was the most widely used, knocking Twitter out of the top spot from earlier this year.

The analysis showed that companies currently have, on average, 812 cloud applications running. When last reported in June this figure was 774.

The top 10 apps in use within enterprises today are Office 365, Twitter, YouTube, LinkedIn, Google Apps, Salesforce, AWS, Dropbox, Skype, and Box.

Multiple, varied threats targeting cloud data

Analysis revealed that there were three primary threats facing organisations using sanctioned and unsanctioned cloud apps: data exfiltration (theft), data destruction, and account takeover.

Exfiltration was, unsurprisingly, the most frequent threat at 77%. The methods by which exfiltration is taking place are: anomalous frequent emails sent (18%), anomalous frequent sharing (41%), anomalous frequent downloads (15%), and anomalous frequent previews (3%). The latter may suggest users are taking screenshots of sensitive data.

“We’ve reached a point in the security lifecycle where shadow IT should no longer be the primary focus. By now, organisations should have a grip on cloud applications available and have enforceable policies in place with the ability to control which are in use,” says Rehan Jalil, Elastica president and CEO.

“It’s time to start focusing on the real problems, which are the need to know what types of information employees are sharing, who is able to access data and how to stop high-risk exposures that lead to data breaches,” he says.

Report analysis was conducted using the Elastica CloudSOC platform, and provided insights into 63 million enterprise documents within leading cloud applications, including Microsoft Office 365, Google Drive, Salesforce, Box and others.

Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More
Story image
How Bitcoin could impact the cyber-threat landscape
Bitcoin's escalating valuation has made some criminal organisations and malicious individuals very wealthy. The impact of this growth in wealth may have a severe impact on the future threat landscape.More
Story image
SMEs treading water against 'endless volley' of cyber-attacks — report
According to a new report from Cynet, these SMEs are resorting to outsourcing some aspects of their threat mitigation in order to safeguard IT assets, as a result of the heightened risk of serious breaches.More
Story image
Entrust acquires HyTrust, with aim to improve data encryption solutions
Entrust says the acquisition will bolster its effort to deliver data protection and compliance solutions to its customers, while accelerating their digital transformations.More
Story image
Cybercriminals leverage AI to sustain attacks on enterprises
What is less discussed is how cybercriminals are taking advantage of those very same technologies to automate their attacks, too.More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More